I needed a favicon for a client project last week. Uploaded their logo to a popular free favicon generator. Got the .ico file back.
Then I checked the network tab. The logo had been sent to an analytics endpoint on a different domain. Not disclosed anywhere in the UI.
The Privacy Problem
Most favicon generators work like this:
- You upload an image
- It goes to their server for resizing/conversion
- You download the result
- They keep a copy (often stated in privacy policies under "service improvement")
For a personal blog, maybe you don't care. For a client's unreleased brand assets? Non-starter.
Building a Client-Side Alternative
I built genfavicon.org to test whether favicon generation could work entirely in the browser. Turns out it can — Canvas API handles all the resizing and format conversion.
The same approach works for other image tools:
- svg2png.org converts vector to raster locally
- compress2png.com compresses images without uploading
The Pattern
const canvas = document.createElement('canvas');
canvas.width = 32; canvas.height = 32;
const ctx = canvas.getContext('2d');
ctx.drawImage(img, 0, 0, 32, 32);
canvas.toBlob(blob => {
const url = URL.createObjectURL(blob);
// Trigger download — file never left the browser
});
Before you upload brand assets to a "free" tool, check their network tab.
Top comments (0)